<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>ZooKeeper Cluster Node Encryption: The Complete Guide</title>
    <link href="https://cdn.staticfile.org/font-awesome/6.4.0/css/all.min.css" rel="stylesheet">
    <link href="https://cdn.staticfile.org/tailwindcss/2.2.19/tailwind.min.css" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Noto+Serif+SC:wght@400;500;600;700&family=Noto+Sans+SC:wght@300;400;500;700&display=swap" rel="stylesheet">
    <script src="https://cdn.jsdelivr.net/npm/mermaid@latest/dist/mermaid.min.js"></script>
    <style>
        body {
            font-family: 'Noto Sans SC', Tahoma, Arial, Roboto, "Droid Sans", "Helvetica Neue", "Droid Sans Fallback", "Heiti SC", "Hiragino Sans GB", Simsun, sans-serif;
            background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
            min-height: 100vh;
        }
        
        .hero-gradient {
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
        }
        
        .card-hover {
            transition: all 0.3s ease;
            border: 1px solid transparent;
        }
        
        .card-hover:hover {
            transform: translateY(-5px);
            box-shadow: 0 20px 40px rgba(0,0,0,0.1);
            border: 1px solid rgba(102, 126, 234, 0.3);
        }
        
        .section-title {
            position: relative;
            padding-left: 20px;
        }
        
        .section-title::before {
            content: '';
            position: absolute;
            left: 0;
            top: 50%;
            transform: translateY(-50%);
            width: 4px;
            height: 24px;
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            border-radius: 2px;
        }
        
        .code-block {
            background: #1e1e1e;
            color: #d4d4d4;
            padding: 16px;
            border-radius: 8px;
            font-family: 'Consolas', 'Monaco', monospace;
            overflow-x: auto;
        }
        
        .feature-icon {
            width: 60px;
            height: 60px;
            display: flex;
            align-items: center;
            justify-content: center;
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            border-radius: 12px;
            color: white;
            font-size: 24px;
            margin-bottom: 16px;
        }
        
        .mermaid {
            background: white;
            padding: 20px;
            border-radius: 12px;
            box-shadow: 0 4px 20px rgba(0,0,0,0.05);
        }
        
        .highlight-text {
            background: linear-gradient(120deg, #f093fb 0%, #f5576c 100%);
            -webkit-background-clip: text;
            -webkit-text-fill-color: transparent;
            background-clip: text;
            font-weight: 600;
        }
        
        .floating-card {
            animation: float 6s ease-in-out infinite;
        }
        
        @keyframes float {
            0% { transform: translateY(0px); }
            50% { transform: translateY(-10px); }
            100% { transform: translateY(0px); }
        }
    </style>
</head>
<body>
    <!-- Hero Section -->
    <div class="hero-gradient text-white py-20 px-6">
        <div class="max-w-6xl mx-auto">
            <div class="text-center">
                <h1 class="text-5xl md:text-6xl font-bold mb-6 tracking-tight">
                    ZooKeeper Cluster <span class="block mt-2">Node Encryption: The Complete Guide</span>
                </h1>
                <p class="text-xl md:text-2xl opacity-90 max-w-3xl mx-auto leading-relaxed">
                    Explore the security mechanisms of distributed systems in depth and build an impregnable data fortress
                </p>
                <div class="mt-10 flex justify-center space-x-6">
                    <div class="text-center">
                        <i class="fas fa-shield-alt text-3xl mb-2"></i>
                        <p class="text-sm opacity-80">Multi-layer protection</p>
                    </div>
                    <div class="text-center">
                        <i class="fas fa-lock text-3xl mb-2"></i>
                        <p class="text-sm opacity-80">End-to-end encryption</p>
                    </div>
                    <div class="text-center">
                        <i class="fas fa-network-wired text-3xl mb-2"></i>
                        <p class="text-sm opacity-80">Cluster security</p>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <!-- Main Content -->
    <div class="max-w-6xl mx-auto px-6 py-12">
        <!-- Introduction Card -->
        <div class="bg-white rounded-2xl shadow-xl p-8 mb-12 card-hover">
            <div class="prose prose-lg max-w-none">
                <p class="text-gray-700 leading-relaxed text-lg">
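                    In a ZooKeeper cluster, node encryption is a core element of securing a distributed system. By applying encryption at every layer, we can protect the <span class="highlight-text">confidentiality</span> and <span class="highlight-text">integrity</span> of data at rest and in transit. This guide covers transport encryption, inter-node communication encryption, data storage encryption, and client authentication, to help you build a secure and reliable ZooKeeper cluster.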
                </p>
            </div>
        </div>

        <!-- Security Architecture Visualization -->
        <div class="bg-white rounded-2xl shadow-xl p-8 mb-12">
            <h2 class="text-3xl font-bold mb-6 text-gray-800">Security Architecture Overview</h2>
            <div class="mermaid">
                graph TB
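                    subgraph "Client layer"
                        C1[Client application]
                        C2[SASL authentication]
                        C3[TLS/SSL encryption]
                    end
                    
                    subgraph "ZooKeeper cluster"
                        Z1[Leader node]
                        Z2[Follower node 1]
                        Z3[Follower node 2]
                        Z4[Observer node]
                    end
                    
                    subgraph "Security mechanisms"
                        S1[Transport encryption]
                        S2[Inter-node encryption]
                        S3[Storage encryption]
                        S4[ACL access control]
                    end
                    
                    C1 -->|SASL| C2
                    C2 -->|TLS/SSL| C3
                    C3 -->|encrypted channel| Z1
                    C3 -->|encrypted channel| Z2
                    C3 -->|encrypted channel| Z3
                    
                    Z1 <-->|inter-node encryption| Z2
                    Z1 <-->|inter-node encryption| Z3
                    Z2 <-->|inter-node encryption| Z3
                    Z1 -->|sync| Z4
                    
                    S1 -.->|protects| C3
                    S2 -.->|protects| Z1
                    S2 -.->|protects| Z2
                    S2 -.->|protects| Z3
                    S3 -.->|protects| Z1
                    S3 -.->|protects| Z2
                    S3 -.->|protects| Z3
                    S4 -.->|controls| Z1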
                    
                    style C1 fill:#e1f5fe
                    style Z1 fill:#fff3e0
                    style S1 fill:#f3e5f5
            </div>
        </div>

        <!-- Security Features Grid -->
        <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-8 mb-12">
            <!-- TLS/SSL Encryption -->
            <div class="bg-white rounded-2xl shadow-lg p-6 card-hover floating-card">
                <div class="feature-icon">
                    <i class="fas fa-key"></i>
                </div>
                <h3 class="text-2xl font-bold mb-4 section-title">Transport Encryption</h3>
                <h4 class="text-lg font-semibold text-purple-600 mb-3">TLS/SSL Encryption</h4>
                <p class="text-gray-600 mb-4">
                    TLS/SSL encrypts the network traffic between clients and servers, protecting data in transit.
                </p>
                <div class="space-y-3">
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-green-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">Protocol support</strong>
                            <p class="text-sm text-gray-600">Supports TLS 1.2 and later, with strong encryption algorithms</p>
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-check-circle text-green-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">Certificate management</strong>
                            <p class="text-sm text-gray-600">Full lifecycle management of digital certificates</p>
                        </div>
                    </div>
                </div>
                <div class="mt-4">
                    <div class="code-block text-sm">
                        <code>
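                            secureClientPort=2181<br>
                            serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory<br>
                            ssl.keyStore.location=/path/to/keystore<br>
                            ssl.keyStore.password=&lt;keystore-password&gt;<br>
                            ssl.trustStore.location=/path/to/truststore<br>
                            ssl.trustStore.password=&lt;truststore-password&gt;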
                        </code>
                    </div>
                </div>
            </div>

            <!-- Inter-node Communication -->
            <div class="bg-white rounded-2xl shadow-lg p-6 card-hover floating-card" style="animation-delay: 0.5s;">
                <div class="feature-icon">
                    <i class="fas fa-network-wired"></i>
                </div>
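                <h3 class="text-2xl font-bold mb-4 section-title">Inter-node Communication Encryption</h3>
                <h4 class="text-lg font-semibold text-purple-600 mb-3">Intra-cluster Security</h4>
                <p class="text-gray-600 mb-4">
                    Protects data exchanged between ZooKeeper nodes against man-in-the-middle attacks and data leakage.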
                </p>
                <div class="space-y-3">
                    <div class="flex items-start">
                        <i class="fas fa-shield-alt text-blue-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">End-to-end encryption</strong>
                            <p class="text-sm text-gray-600">Secure communication between the Leader and Followers</p>
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-shield-alt text-blue-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">Protective measures</strong>
                            <p class="text-sm text-gray-600">Defends against network sniffing and data tampering</p>
                        </div>
                    </div>
                </div>
            </div>
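            <div class="bg-white rounded-2xl shadow-lg p-6">
                <p class="text-gray-600 mb-4">
                    Added example (not part of the original guide and not ZooKeeper project code): a small Python audit of zoo.cfg text that covers the client TLS and quorum TLS settings described in the two cards above. The property names are ZooKeeper's documented server options; the function names and the sample configurations are constructed for illustration.
                </p>
<pre class="code-block text-sm">
```python
# Added example: audit zoo.cfg text for client and quorum TLS settings.
# Only zoo.cfg is read; values passed as -Dzookeeper.* JVM properties are not seen.
WEAK_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}

def parse_cfg(text):
    """Parse Java-properties-style zoo.cfg text into a dict."""
    cfg = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            cfg[key.strip()] = value.strip()
    return cfg

def audit(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    cfg, findings = parse_cfg(text), []
    client_tls = "secureClientPort" in cfg
    quorum_tls = cfg.get("sslQuorum", "").lower() == "true"
    if not client_tls:
        findings.append("client: no secureClientPort, clients connect in plaintext")
    elif "Netty" not in cfg.get("serverCnxnFactory", ""):
        findings.append("client: secureClientPort needs NettyServerCnxnFactory")
    if "clientPort" in cfg:
        findings.append("client: plaintext clientPort is still listening")
    if not quorum_tls:
        findings.append("quorum: sslQuorum is not true, peer traffic is plaintext")
    if cfg.get("portUnification", "").lower() == "true":
        findings.append("quorum: portUnification=true still accepts plaintext peers")
    prefixes = [p for p, on in (("ssl", client_tls), ("ssl.quorum", quorum_tls)) if on]
    for prefix in prefixes:
        for store in ("keyStore", "trustStore"):
            if not cfg.get(f"{prefix}.{store}.location"):
                findings.append(f"{prefix}: {store}.location is missing")
        if cfg.get(f"{prefix}.protocol") in WEAK_PROTOCOLS:
            findings.append(f"{prefix}: protocol below TLSv1.2")
        if cfg.get(f"{prefix}.hostnameVerification", "true").lower() == "false":
            findings.append(f"{prefix}: hostname verification disabled")
    return findings

# Constructed sample configurations (paths are placeholders).
PLAINTEXT_CFG = "clientPort=2181\ndataDir=/var/lib/zookeeper\n"
HARDENED_CFG = """secureClientPort=2181
serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory
ssl.keyStore.location=/path/to/keystore
ssl.trustStore.location=/path/to/truststore
sslQuorum=true
ssl.quorum.keyStore.location=/path/to/keystore
ssl.quorum.trustStore.location=/path/to/truststore
"""
```
</pre>
            </div>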

            <!-- Data Storage Encryption -->
            <div class="bg-white rounded-2xl shadow-lg p-6 card-hover floating-card" style="animation-delay: 1s;">
                <div class="feature-icon">
                    <i class="fas fa-database"></i>
                </div>
                <h3 class="text-2xl font-bold mb-4 section-title">Data Storage Encryption</h3>
                <h4 class="text-lg font-semibold text-purple-600 mb-3">Data-at-rest Protection</h4>
                <p class="text-gray-600 mb-4">
                    Protects ZooKeeper data files on disk through encryption at the operating-system or file-system level.
                </p>
                <div class="space-y-3">
                    <div class="flex items-start">
                        <i class="fas fa-hdd text-orange-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">File system encryption</strong>
                            <p class="text-sm text-gray-600">Using technologies such as LUKS and BitLocker</p>
                        </div>
                    </div>
                    <div class="flex items-start">
                        <i class="fas fa-hdd text-orange-500 mt-1 mr-3"></i>
                        <div>
                            <strong class="text-gray-700">Encrypted storage plugins</strong>
                            <p class="text-sm text-gray-600">Supports third-party encryption solutions</p>
                        </div>
                    </div>
                </div>
            </div>

            <!-- Authentication & Authorization -->
            <div class="bg-white rounded-2xl shadow-lg p-6 card-hover floating-card" style="animation-delay: 1.5s;">
                <div class="feature-icon">
                    <i class="fas fa-user-shield"></i>
                </div>
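                <h3 class="text-2xl font-bold mb-4 section-title">Authentication and Authorization</h3>
                <h4 class="text-lg font-semibold text-purple-600 mb-3">ACL Access Control</h4>
                <p class="text-gray-600 mb-4">
                    Fine-grained, ACL-based permission control that restricts access to and modification of data nodes.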
                </p>
                <div class="space-y-3">
                    <div class="flex items-start">
                        <i class="fas fa-lock text-red-500 mt-1 mr